Quora breached. Change your passwords immediately.

ByCraig Haley

Users of question-and-answer website Quora are being told to urgently change their passwords following a data breach that affected around half of its userbase, around 100 million accounts.

The news arrived through email on Tuesday (Dec 4th 2018) this week announcing user data had been obtained by “a third party”.

While the security investigation is on-going, Quora claim they know the root issue that led to the breach and are working on fixing it. However the data that was stolen from their website, which includes usernames, email addresses and encrypted passwords, is now out there on the Internet, and could be sold to scammers.

As an inevitable security step, Quora has invalidated the passwords of affected users, who will be logged out of the website and forced to change their password.

However, as is always the case with these sizeable data breaches, the issue isn’t necessarily with crooks accessing a victim’s Quora account, (the stolen passwords have been invalidated, after all) rather it’s with crooks taking advantage of people’s tendencies to reuse the same passwords and email/username combinations across different websites.


Sponsored Content. Continued below...




Meaning if crooks manage to decrypt the stolen password and pair them with their respective usernames and emails, crooks are likely to try those credentials on other services including Facebook, PayPal and email accounts.

Two ways to prevent this type of thing from happening is…

– Don’t use the same passwords across different websites, and if you do reuse your Quora password elsewhere, change it now.

– Always enable two-factor authentication when possible. This way, even if the crooks did get the right password and email for another account, they still can’t access it.


Sponsored Content. Continued below...




Another concern is that crooks may use your leaked email and password to try and initiate convincing email scams. In the scam emails, crooks will reveal your leaked password to make their email appear convincing, and then go on to try and lure you into sending them money.

One popular example of that in 2018 is trying to trick recipients into thinking they’ve been caught watching adult content through their device’s webcam, along with an extortion attempt to force them into sending money or risk having the compromising footage released to their friends and family.

The bottom line, however, is that if you use Quora, regardless of whether you got an email like the one above, make sure you’re no longer using that password. Anywhere on the Internet.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)